Mothers day sale now on! Use code Spoilher10

Living DNA
  • Who we are
  • Products

    • Full ancestry kit Full ancestry kit
    • Wellbeing Kit Wellbeing Kit
    • Wellbeing and ancestry Kit Wellbeing and ancestry Kit
    • Your ancestry with Book Your ancestry with Book
    • Your ancestry and Neanderthal Your ancestry and Neanderthal
  • Get started from $90
  • Login
    United Kingdom Australia Canada Europe International New Zealand
25th June 2018

Privacy, Security and GDPR for the Personal Genomics Industry

Living DNA enjoyed the Genealogy Jamboree this month. Our co-founders hosted a Data Privacy discussion, attended by a number of genealogists.

As platinum sponsor, the Living DNA Team really enjoyed their time at the Genealogy Jamboree event earlier this month. During the event, co-founders David Nicholson and Hannah Morden-Nicholson hosted a Data Privacy discussion which was attended by a number of genealogists including Kitty Cooper, Thomas MacEntee, Emily Aulicino, Diahan Southard, Shannon Christmas and Blaine Bettinger.

Based on recent GDPR compliance laws, the main focus of the evening was on how GDPR could affect the family history market. In simple terms, GDPR is something that we feel should be standard practice for any organization. It makes clear what information a company is storing about an individual, why they are storing this information and provides simple ways for individuals to request for their information to be removed. The problem for family history is that many people add information about living people to online systems without asking their consent, say you add the name of your mum or sibling to an online family tree - under the legislation they would need to consent to this.

So, what could genetic ancestry companies do right away to be compliant?

Thomas McEntee suggested ‘editing the terms of service is the easiest path to GDPR compliance’. Kitty Cooper raised that ‘an alternative way to accomplish new standards of security would be to use a secure third-party service. This could be as simple as ensuring that if you add information about a certain person that they are notified of this to consent to it being on the system..’

Emily Aulicino spoke about the impact on the United States, posing the consideration that, ‘There probably won’t be a huge reaction right away from the United States but all it takes is one person to test for something that they didn’t know they had or didn’t wanted tested.’ David responded echoed this saying ‘GDPR is not designed to hold back industries, it’s designed to increase responsibility..’

alt text

When it comes to genetic data the group came to a consensos over the following key points;

Every person whose DNA is tested must be aware of what is happening with their data.

If as a family genealogist you have access to family members DNA then as custodian of this data (under GDPR known as a data processor) its important to ensure you have permission to use the DNA and must only upload the DNA when permission is provided.

An individual should prepare for what happens when they pass, who should have custody of their DNA and start that process today.

Hannah ended the discussion with "GDPR is about companies actively working towards increased privacy measures whilst putting clients in control of their own data, something Living DNA is founded on."

The discussion finished with everyone looking 10 years ahead, at this point the group thought that;

GDPR would be widespread across not only Europe but the United States and other countries.

Our entire view of handling other people's information (records, DNA, and basic information) would change to be one of care and respect.

By never selling your data to third parties Living DNA allow you to be in control of your data every step of the way.

Bring your DNA to life.
Get started from $90
Products
  • Starter kit
  • Full ancestry kit
  • Wellbeing kit
  • Wellbeing & ancestry kit
  • DNA Nutrition Testing
  • DNA Fitness Testing
  • Compare our DNA kits
  • Free DNA Upload
  • Upgrade your DNA results
Specialist Ancestry
  • African Ancestry
  • European Ancestry
  • British Ancestry
  • Irish Ancestry
Help
  • Activate my kit
  • Support center
  • Contact us
Company
  • Our story
  • Privacy and legal
  • Education
  • Blog
  • Press
  • Join our team
  • Returns Policy
Partnerships
  • Affiliates
  • Partners
Living DNA - Your DNA Partner Family Tree Badge - 25 Best Websites for Beginners
Twitter Facebook YouTube Instagram

© Living DNA Ltd, a company registered in England and Wales with number: 10221519.

Norton secured payments with Visa, Mastercard, American Express and PayPal

Our use of cookies

We use cookies to give you the best experience on our site. By continuing to use our website, you agree to our use of cookies

Necessary (Required)

Cookies that the site cannot function properly without. This includes cookies for access to secure areas and CSRF security. Please note that Craft’s default cookies do not collect any personal or sensitive information. Craft's default cookies do not collect IP addresses. The information they store is not sent to Pixel & Tonic or any 3rd parties.

Name: CraftSessionId

Description: Craft relies on PHP sessions to maintain sessions across web requests. That is done via the PHP session cookie. Craft names that cookie “CraftSessionId” by default, but it can be renamed via the phpSessionId config setting. This cookie will expire as soon as the session expires.

Provider: this site

Expiry: Session

Name: *_identity

Description: When you log into the Control Panel, you will get an authentication cookie used to maintain your authenticated state. The cookie name is prefixed with a long, randomly generated string, followed by _identity. The cookie only stores information necessary to maintain a secure, authenticated session and will only exist for as long as the user is authenticated in Craft.

Provider: this site

Expiry: Persistent

Name: *_username

Description: If you check the "Keep me logged in" option during login, this cookie is used to remember the username for your next authentication.

Provider: this site

Expiry: Persistent

Name: CRAFT_CSRF_TOKEN

Description: Protects us and you as a user against Cross-Site Request Forgery attacks.

Provider: this site

Expiry: Session

Statistics

Statistic cookies help us understand how visitors interact with websites by collecting and reporting information anonymously.

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

Details Hide Details